Multiple Site Authentication with Cookie

1k Views Asked by Kaan At 17 December 2015 at 15:01

I've multiple intranet sites which are in same domain like:

testsite/site1
testsite/site2

In these applications I'm using OWIN-Mixed authentication. But I couldn't find the way to authenticate a user in one site and use the authentication in the others.

Is there a guide to follow it?

Original Q&A

There are 1 best solutions below

heymega On 17 December 2015 at 15:35

OWIN-Mixed has a Windows Authentication entry point but is using regular forms authentication afterwards.

You need to allow testsite/site1 and testsite/site2 to read the same authentication cookie. To do that you need to ensure the cookie is encrypted with the same key.

You can achieve this by having the same machineKey element in both web.configs

For example, add the following to both Site1's and Site2's web.config file

<machineKey 
  validationKey="55304E97702846DD86E818E6A4924952B3B2D28A06E3F6CC05919C044FDEF6FC0F578FA366ECD838F34AE1806219B4AB1241FFF9CF1B935B46E559286F17AD19"
  decryptionKey="2D18B05A7B82E04AFA36D94658A64281247D81494C95C87A1F2BCDA6C1539437"
  validation="SHA1" decryption="AES"

/>

Make sure the cookie domain and name are the same. Also make sure both applications are on the same domain.

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            CookieDomain = ".testsite.com",
            CookieName = "AuthenticationCookie",

        });

Hope this helps.

Multiple Site Authentication with Cookie

There are 1 best solutions below

Related Questions in ASP.NET-MVC

Related Questions in AUTHENTICATION

Related Questions in OWIN

Related Questions in MIXED-AUTHENTICATION

Trending Questions

Popular # Hahtags

Popular Questions